Index: openid_client_ax.module =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/openid_client_ax/openid_client_ax.module,v retrieving revision 1.2.2.7 diff -u -p -r1.2.2.7 openid_client_ax.module --- openid_client_ax.module 29 Jun 2009 13:03:28 -0000 1.2.2.7 +++ openid_client_ax.module 30 Jun 2009 18:50:05 -0000 @@ -24,6 +24,10 @@ function openid_client_ax_menu() { 'page arguments' => array('openid_client_ax_admin_settings'), 'access arguments' => array('administer openid client ax'), ); + $items['openid/update'] = array( + 'page callback' => 'openid_client_ax_update', + 'access callback' => '_openid_client_ax_access', + ); return $items; } @@ -44,6 +48,7 @@ function openid_client_ax_openid($op, $r $request = array(); $request[sprintf('openid.ns.%s', variable_get('openid_client_ax_alias', 'ax'))] = 'http://openid.net/srv/ax/1.0'; $request[sprintf('openid.%s.mode', variable_get('openid_client_ax_alias', 'ax'))] = 'fetch_request'; + $request[sprintf('openid.%s.update_url', variable_get('openid_client_ax_alias', 'ax'))] = url('openid/update', NULL, NULL, TRUE); $short_names = $attributes = array(); $attributes = module_invoke_all('openid_client', 'get'); foreach ($attributes as $attrib_url) { @@ -61,6 +66,28 @@ function openid_client_ax_openid($op, $r } /** + * Handles unsolicited positive assertion from OPs. + */ +function openid_client_ax_update() { + $response = _openid_response(); + $account = user_external_load($response['openid.claimed_id']); + + // Make sure if the RP is valid, do Direct Verification. + $disco = openid_discovery($response['openid.claimed_id']); + $endpoint = $disco[0]['uri']; + $valid = openid_verify_assertion($endpoint, $response); + + // Ask the OP to stop sending updates + if ($valid == FALSE) { + header("HTTP/1.0 404 Not Found"); + return; + } + + // Update the profile data + module_invoke_all('openid_client', 'update', $response, $account); +} + +/** * Settings function for the module */ function openid_client_ax_admin_settings() { @@ -194,6 +221,14 @@ function _openid_client_ax_get_multiple_ } /** + * Allow access to openid AX update URL. + * @see hook_menu(). + */ +function _openid_client_ax_access() { + return TRUE; +} + +/** * Create an array containing the identifiers as listed in * http://www.axschema.org/types/ *